Re: ISP and router configs

[Bert Van Kets <mailing () vankets com>]

> I recently did a test on an embedded device that worked like this, you
> went to the company web site and set the configs then it passed them
> to the device. All the comms was done over HTTP so it was a simple
> task to poison the DNS, put myself in the middle and then proxy all
> the traffic.
>
> Being a modem you probably aren't going to be able to get between it
> and the ISP but it might be worth port scanning it to see what ports
> are open, if the config port is open internally as well as externally
> then you might be able to program it yourself if you can get hold of
> the specs. They aren't usually fussy which interface config ports bind
> to so it might work.
>
> And 40 up/2 down, unless you seed a lot of stuff sounds like they
> ripped you off there as well :)
>
> Robin

Port scanning the modem might give some interesting info. I'll do that
this weekend.
The communication with the site goes over HTTPS, but that doesn't stop a
dedicated hacker. I have not reason what so ever to trust the tech guys
at the ISP to make sure my config data is secure in house.

Of course I get 40Mbps down and 2Mbps up. LOL

Bert
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com